Author: tkreuzer Date: Sun Feb 23 15:37:06 2014 New Revision: 62304 URL: http://svn.reactos.org/svn/reactos?rev=62304&view=rev Log: [NTOSKRNL] Fix logic in ObSetSecurityDescriptorInfo Modified: branches/kernel-fun/reactos/ntoskrnl/ob/obsecure.c Modified: branches/kernel-fun/reactos/ntoskrnl/ob/obsecure.c URL: http://svn.reactos.org/svn/reactos/branches/kernel-fun/reactos/ntoskrnl/ob/… ============================================================================== --- branches/kernel-fun/reactos/ntoskrnl/ob/obsecure.c [iso-8859-1] (original) +++ branches/kernel-fun/reactos/ntoskrnl/ob/obsecure.c [iso-8859-1] Sun Feb 23 15:37:06 2014 @@ -131,73 +131,70 @@ /* Get the object header */ ObjectHeader = OBJECT_TO_OBJECT_HEADER(Object); + + /* Reference the old descriptor */ + OldDescriptor = ObpReferenceSecurityDescriptor(ObjectHeader); + NewDescriptor = OldDescriptor; + + /* Set the SD information */ + Status = SeSetSecurityDescriptorInfo(Object, + SecurityInformation, + SecurityDescriptor, + &NewDescriptor, + PoolType, + GenericMapping); + if (!NT_SUCCESS(Status)) + { + /* We failed, dereference the old one */ + if (OldDescriptor) ObDereferenceSecurityDescriptor(OldDescriptor, 1); + return Status; + } + while (TRUE) { - /* Reference the old descriptor */ - OldDescriptor = ObpReferenceSecurityDescriptor(ObjectHeader); - NewDescriptor = OldDescriptor; - - /* Set the SD information */ - Status = SeSetSecurityDescriptorInfo(Object, - SecurityInformation, - SecurityDescriptor, - &NewDescriptor, - PoolType, - GenericMapping); - if (NT_SUCCESS(Status)) + /* Now add this to the cache */ + Status = ObLogSecurityDescriptor(NewDescriptor, + &CachedDescriptor, + MAX_FAST_REFS + 1); + + /* Let go of our uncached copy */ + ExFreePool(NewDescriptor); + + /* Check for success */ + if (!NT_SUCCESS(Status)) { - /* Now add this to the cache */ - Status = ObLogSecurityDescriptor(NewDescriptor, - &CachedDescriptor, - MAX_FAST_REFS + 1); - - /* Let go of our uncached copy */ - ExFreePool(NewDescriptor); - - /* Check for success */ - if (NT_SUCCESS(Status)) - { - /* Do the swap */ - FastRef = (PEX_FAST_REF)OutputSecurityDescriptor; - OldValue = ExCompareSwapFastReference(FastRef, - CachedDescriptor, - OldDescriptor); - - /* Get the security descriptor */ - SecurityDescriptor = ExGetObjectFastReference(OldValue); - Count = ExGetCountFastReference(OldValue); - - /* Make sure the swap worked */ - if (SecurityDescriptor == OldDescriptor) - { - /* Flush waiters */ - ObpAcquireObjectLock(ObjectHeader); - ObpReleaseObjectLock(ObjectHeader); - - /* And dereference the old one */ - ObDereferenceSecurityDescriptor(OldDescriptor, Count + 2); - break; - } - else - { - /* Someone changed it behind our back -- try again */ - ObDereferenceSecurityDescriptor(OldDescriptor, 1); - ObDereferenceSecurityDescriptor(CachedDescriptor, - MAX_FAST_REFS + 1); - } - } - else - { - /* We failed, dereference the old one */ - ObDereferenceSecurityDescriptor(OldDescriptor, 1); - break; - } + /* We failed, dereference the old one */ + ObDereferenceSecurityDescriptor(OldDescriptor, 1); + break; + } + + /* Do the swap */ + FastRef = (PEX_FAST_REF)OutputSecurityDescriptor; + OldValue = ExCompareSwapFastReference(FastRef, + CachedDescriptor, + OldDescriptor); + + /* Get the security descriptor */ + SecurityDescriptor = ExGetObjectFastReference(OldValue); + Count = ExGetCountFastReference(OldValue); + + /* Make sure the swap worked */ + if (SecurityDescriptor == OldDescriptor) + { + /* Flush waiters */ + ObpAcquireObjectLock(ObjectHeader); + ObpReleaseObjectLock(ObjectHeader); + + /* And dereference the old one */ + ObDereferenceSecurityDescriptor(OldDescriptor, Count + 2); + break; } else { - /* We failed, dereference the old one */ - if (OldDescriptor) ObDereferenceSecurityDescriptor(OldDescriptor, 1); - break; + /* Someone changed it behind our back -- try again */ + ObDereferenceSecurityDescriptor(OldDescriptor, 1); + ObDereferenceSecurityDescriptor(CachedDescriptor, + MAX_FAST_REFS + 1); } }